github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-15 01:38:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,993 Commits 28 Branches 145 Tags
v3.5.2
Commit Graph

2993 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
José Valim
d9939d1ea0 Release v3.5.2 v3.5.2 2015-08-10 14:46:36 +02:00
José Valim
703a0e0240 Merge pull request #3678 from OliveTreeBible/dctrotz-basic-auth-patch 
Basic auth case insensitive pattern match
 2015-08-10 14:14:06 +02:00
José Valim
48d8285344 Merge pull request #3699 from NeilvB/fix-line-break-edit-password 
Remove unnecessary line break on edit password page.
 2015-08-06 19:53:52 +02:00
Neil van Beinum
710496b6a8 Remove unnecessary line break on edit password page. 2015-08-06 18:21:34 +01:00
José Valim
2f45755e6c Merge pull request #3695 from yakovenkodenis/minor_grammar_improvements_at_readme 
Improve grammar on lines 189 and 352 in readme
 2015-08-02 13:53:24 +02:00
Denis Yakovenko
021f2da1e4 Improve grammar on lines 189 and 352 in readme 2015-08-02 13:48:31 +03:00
José Valim
bc6361ab9b Merge pull request #3661 from vincentwoo/plain_confirmation 
Do not use digests for confirmation tokens
 2015-07-30 11:43:10 +02:00
Vincent Woo
eb640ed344 Do not use digests for confirmation tokens 2015-07-30 01:55:50 -07:00
David Trotz
5c244d9e2b Basic auth case insensitive pattern match 
Allow basic authentication to be case insensitive as per the HTTP 1.1 spec RFC 2068 Section 11
> It uses an extensible, case-insensitive token to identify the authentication scheme, followed by a comma-separated list of attribute-value pairs which carry the parameters necessary for achieving authentication via that scheme.

We have a particular client in production that has basic auth hard-coded as `basic` rather than `Basic` and devise is rejecting perfectly fine credentials. Making this small change has allowed us to authenticate this client with no issues.
 2015-07-16 10:58:59 -07:00
José Valim
e538f02f30 Merge pull request #3672 from deivid-rodriguez/remove_obsolete_unused_config 
Remove obsolete unused `expire_auth_token_on_timeout` config
 2015-07-11 19:35:29 +02:00
David Rodríguez
4064641967 Remove obsolete expire_auth_token_on_timeout 
This should have been removed in dff7891b97
when token authentication (and the reset_authentication_token! method)
were removed.
 2015-07-11 09:01:22 -03:00
David Rodríguez
c72be1531c Keep Gemfile.lock in sync 
Forgotten in b23f5223dd
 2015-07-11 08:57:40 -03:00
José Valim
f0a168da5a Merge pull request #3670 from fengye87/master 
redirect to after_resetting_password_path always
 2015-07-10 17:32:37 +02:00
Feng Ye
4d89c709a5 redirect to after_resetting_password_path always 2015-07-10 20:01:42 +08:00
José Valim
737a55f9e1 Merge pull request #3659 from abevoelker/fix-auth-route-redirect 
Fix infinite redirect in Rails 4.2 authenticated routes. Closes #3643
 2015-07-04 11:38:21 +02:00
Carlos Antonio da Silva
fe5b7db6ab Merge pull request #3662 from vincentwoo/fix_mongo_dep 
Just use regular 4.x mongoid gem
 2015-06-30 22:33:45 -03:00
Vincent Woo
b23f5223dd just use regular 4.x mongoid gem 2015-06-30 16:02:06 -07:00
Abe Voelker
aa675f7f66 Fix infinite redirect in Rails 4.2 authenticated routes. Closes #3643 2015-06-27 14:25:09 -05:00
José Valim
181920886e Merge pull request #3653 from Envek/fix_routes_dynamic_segment_message 
Provided another solution in error message when using omniauth callbacks under a dynamic segment
 2015-06-24 19:41:28 +02:00
Andrey Novikov
4d8bec435d Provided another solution in error message when using omniauth callbacks under a dynamic segment 
Previous solution was too complex and wasn't worked for everyone. See discussion at https://github.com/plataformatec/devise/pull/2227

Fixes #3651 [ci skip]
 2015-06-24 20:39:25 +03:00
Lucas Mazza
5ba8f36958 Merge pull request #3641 from camelmasa/fix-cve 
Update rails gem for security
 2015-06-23 11:21:48 -03:00
José Valim
e2041d02e8 Merge pull request #3648 from samdec11/master 
Fix default email_regexp config to disallow trailing non-word characters
 2015-06-22 16:05:34 +02:00
Sean Marzug-McCarthy
d49533bedc Fix default email_regexp config to disallow trailing non-word characters 2015-06-22 15:41:49 +02:00
José Valim
3dc15c03a7 Merge pull request #3644 from takiy33/patch-1 
Remove rubyforge_project option
 2015-06-21 11:19:59 +02:00
takiy33
954767d456 Remove rubyforge_project option 
rubyforge_project option is deprecated.
 2015-06-21 18:12:28 +09:00
camelmasa
1aaf6345a4 Update rails gem for security 
See. http://weblog.rubyonrails.org/2015/6/16/Rails-3-2-22-4-1-11-and-4-2-2-have-been-released-and-more/
 2015-06-17 15:42:42 +09:00
Carlos Antonio da Silva
15b99977a2 Fix count of starting with rails resources 
After 055f67e414. [ci skip]
 2015-06-16 07:22:55 -03:00
José Valim
055f67e414 Update README.md 
See discussion in #3607
 2015-06-15 22:58:25 +02:00
Carlos Antonio da Silva
099aee5c5b Merge pull request #3630 from NAndreasson/fix/autoload-encryptor 
Autoload Encryptor
 2015-06-12 08:38:24 -03:00
Niklas Andréasson
65dc208ad7 Rm require 'devise/encryptor' in database_authenticable.rb 2015-06-12 13:18:34 +02:00
Niklas Andréasson
e3244b2c31 Autoload Encryptor 2015-06-12 10:36:45 +02:00
Carlos Antonio da Silva
aa49dd53b5 Merge pull request #3627 from vishaldeepak/master 
Add codecademy authorization tutorial
 2015-06-09 07:32:02 -03:00
VISHAL DEEPAK
916c0fc60b Add codecademy authorization tutorial 
A really good , learn by doing, tutorial at codecademy
 2015-06-09 15:51:45 +05:30
José Valim
4acb504324 Merge pull request #3616 from yui-knk/refactor/alias 
Refactoring `expire_data_after_sign_out!`
 2015-06-03 09:01:43 +02:00
yui-knk
3207c73d4b Refactoring expire_data_after_sign_out! 
This method is same to `expire_data_after_sign_in!`,
so alias it
 2015-06-03 13:14:18 +09:00
Carlos Antonio da Silva
2510c949e5 Merge pull request #3615 from Dbz/fixed_typo 
fixed typo referring to routes.rb file
 2015-06-02 23:03:51 -03:00
Danny Burt
29e257e8ba fixed typo referring to routes.rb file 2015-06-02 18:10:22 -07:00
José Valim
1a0192201b Merge pull request #3607 from rodrigoargumedo/patch-1 
Add GoRails resource into README.md
 2015-05-27 09:43:57 +02:00
Rodrigo Argumedo
8db50f4377 Add GoRails resource into README.md 2015-05-26 17:53:10 -06:00
José Valim
42c1ad3c78 Release v3.5.1 v3.5.1 2015-05-26 15:10:29 +02:00
José Valim
e641b4b7b9 Also reset password token on email change 2015-05-26 15:09:07 +02:00
José Valim
fe49e625e8 Do not accept empty authentication_salt too 2015-05-26 15:04:27 +02:00
José Valim
31901bc862 Clear up reset password token whenever encrypted password changes 2015-05-26 15:00:12 +02:00
José Valim
b14995167b Do not mark _prefixes as protected 2015-05-26 09:53:38 +02:00
José Valim
4c137c4806 Release v3.5.0 v3.5.0 2015-05-23 22:44:49 +02:00
José Valim
e5c3462a62 Merge pull request #3539 from rubyengineer/formatting 
Formatting
 2015-05-23 22:23:52 +02:00
José Valim
7952f1336d Merge pull request #3541 from cipater/fix-failureapp 
Use router_name from scope if available
 2015-05-23 22:23:40 +02:00
José Valim
55ef8004e6 Merge pull request #3542 from lboix/patch-1 
Adding link to wiki + include clarification
 2015-05-23 22:23:09 +02:00
José Valim
4b41dab11b Merge pull request #3601 from Angelmmiguel/master 
Allow the user to set the length of friendly token
 2015-05-23 22:15:48 +02:00
José Valim
1f3638aaa5 Do not clean up CSRF on rememberable 2015-05-23 22:13:59 +02:00